Reverse engineering unknown protocols

Tonimir Kišasondi, Željko Hutinski, Vesna Dušak: Reverse engineering unknown protocols
CECIIS conference, 24-26.9 2008

Abstract:
In this work we will present our method for analyzing and reverse engineering unknown or proprietary protocols for the purpose of analyzing the protocol security or gaining more insight into the protocols inner operation. We created a method that can be executed manually or can be packed into a fully automatic algorithm.

Supplement:
- PoC code for simple socket application that recieves, hex encodes and timestamps output from a TCP socket.
- Simple protocol reverse engineering application that searches for known encoded outputs which can be used as a starting point for larger or custom use applications.